From owner-cvs-all@FreeBSD.ORG Mon Feb 14 09:33:33 2005 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B69516A4CE; Mon, 14 Feb 2005 09:33:33 +0000 (GMT) Received: from arthur.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id A387243D49; Mon, 14 Feb 2005 09:33:32 +0000 (GMT) (envelope-from simon@arthur.nitro.dk) Received: by arthur.nitro.dk (Postfix, from userid 3000) id 897AD11959; Mon, 14 Feb 2005 10:33:31 +0100 (CET) Date: Mon, 14 Feb 2005 10:33:31 +0100 From: "Simon L. Nielsen" To: Gleb Smirnoff Message-ID: <20050214093330.GA737@arthur.nitro.dk> References: <200502140542.j1E5g62l077236@repoman.freebsd.org> <20050214072648.GA51832@cell.sick.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VS++wcV0S1rZb1Fb" Content-Disposition: inline In-Reply-To: <20050214072648.GA51832@cell.sick.ru> User-Agent: Mutt/1.5.6i cc: cvs-src@freebsd.org cc: src-committers@freebsd.org cc: Xin LI cc: cvs-all@freebsd.org Subject: Re: cvs commit: src/sys/net if.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 09:33:33 -0000 --VS++wcV0S1rZb1Fb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.02.14 10:26:48 +0300, Gleb Smirnoff wrote: > On Mon, Feb 14, 2005 at 05:42:06AM +0000, Xin LI wrote: > X> delphij 2005-02-14 05:42:06 UTC > X>=20 > X> FreeBSD src repository > X>=20 > X> Modified files: (Branch: RELENG_5) > X> sys/net if.c=20 > X> Log: > X> MFC 1.218+1.219: > X> =20 > X> Validate ifc->ifc_len before submitting its incarnation to sbuf_new, > X> which will finally lead to kernel panic. > X> =20 > X> Security: This prevents a local DoS that can be exploited by > X> Security: both privileged and unprivileged users. > X> Submitted by: Wojciech A. Koszek [dunstan at freebsd czest pl] > X> PR: 77421 > X> =20 > X> Early MFC discussed with and reviewed by: > X> security (simon, trhodes) >=20 > Is it going to be put into RELENG_5_3? Since we don't issue security advisories for local DoS'es I don't think so, but it's not my call. --=20 Simon L. Nielsen --VS++wcV0S1rZb1Fb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFCEHBqh9pcDSc1mlERAl01AJ4g0AqABIaUjFIfDhqSQrTY6gClEwCcCImO yF8W44g95hVLJMh+4HJgZAI= =DMKa -----END PGP SIGNATURE----- --VS++wcV0S1rZb1Fb--